From 5384747b19953fc831adf9dbce57b5e14a764a8d Mon Sep 17 00:00:00 2001
From: Avi Miller <Djelibeybi@users.noreply.github.com>
Date: Wed, 9 May 2018 10:15:36 +1000
Subject: [PATCH] Update contribution guide to require the 7-slim image is used
 when a more specific product image is not applicable. (#865)

Signed-off-by: Avi Miller <avi.miller@oracle.com>
---
 CONTRIBUTING.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 46877f554a..1dbe2499d0 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -71,14 +71,16 @@ a pull request.
 
 ### Base Image Rules
 
-1. All Oracle product images must use an Oracle Linux base image.
 1. Extend an existing product image wherever possible. For example, if your
 product requires WebLogic, then extend the WebLogic image instead of creating
 your own WebLogic installation.
+1. If you can't extend an existing image, your image must use the
+`oraclelinux:7-slim` base image as this image provides the smallest
+attack surface and is updated whenever a CVE errata is published.
 1. Re-use existing scripts wherever possible. If a particular base image or
 script doesn't have the functionality you need, open an issue and work with
 the image owner to implement it.
-1. Specify a fixed version in the `FROM` directive, i.e. use
+1. Specify a version in the `FROM` directive, i.e. use
 `FROM oraclelinux:7-slim` or `FROM java/serverjre:8`.
 1. All images must provide a `CMD` or `ENTRYPOINT`. If your image is designed
 to be extended, then this should output documentation on how to extend the